CVE-2026-42400: CWE-400 Uncontrolled Resource Consumption in Elastic Kibana
CVE-2026-42400 is a medium severity vulnerability in Elastic Kibana affecting versions 8. 0. 0, 9. 0. 0, and 9. 4. 0. It involves uncontrolled resource consumption (CWE-400) caused by processing a specially crafted compressed request payload before authorization checks. This can lead to excessive CPU and memory usage, potentially causing the Kibana instance to become unresponsive or crash, resulting in a denial of service condition. The vulnerability requires an authenticated user to exploit and does not impact confidentiality or integrity.
AI Analysis
Technical Summary
CVE-2026-42400 is an uncontrolled resource consumption vulnerability in Elastic Kibana versions 8.0.0, 9.0.0, and 9.4.0. An authenticated attacker can send a specially crafted compressed request payload that is processed prior to authorization checks. This processing causes excessive allocation of memory and CPU resources, which can lead to denial of service by making the Kibana instance unresponsive or causing it to crash. The vulnerability is classified under CWE-400 and involves excessive allocation as described by CAPEC-130. The CVSS 3.1 base score is 6.5 (medium severity) with network attack vector, low attack complexity, requiring privileges, no user interaction, and impact limited to availability.
Potential Impact
Successful exploitation results in denial of service by exhausting CPU and memory resources on the affected Kibana instance. This can cause the service to become unresponsive or crash, impacting availability. There is no impact on confidentiality or integrity. The attacker must be authenticated to exploit this vulnerability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation is provided, users should restrict authenticated access to trusted users only and monitor for unusual resource consumption. Follow Elastic's official advisories for updates on patches or mitigations.
CVE-2026-42400: CWE-400 Uncontrolled Resource Consumption in Elastic Kibana
Description
CVE-2026-42400 is a medium severity vulnerability in Elastic Kibana affecting versions 8. 0. 0, 9. 0. 0, and 9. 4. 0. It involves uncontrolled resource consumption (CWE-400) caused by processing a specially crafted compressed request payload before authorization checks. This can lead to excessive CPU and memory usage, potentially causing the Kibana instance to become unresponsive or crash, resulting in a denial of service condition. The vulnerability requires an authenticated user to exploit and does not impact confidentiality or integrity.
CVSS v3.1
Score 6.5medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-42400 is an uncontrolled resource consumption vulnerability in Elastic Kibana versions 8.0.0, 9.0.0, and 9.4.0. An authenticated attacker can send a specially crafted compressed request payload that is processed prior to authorization checks. This processing causes excessive allocation of memory and CPU resources, which can lead to denial of service by making the Kibana instance unresponsive or causing it to crash. The vulnerability is classified under CWE-400 and involves excessive allocation as described by CAPEC-130. The CVSS 3.1 base score is 6.5 (medium severity) with network attack vector, low attack complexity, requiring privileges, no user interaction, and impact limited to availability.
Potential Impact
Successful exploitation results in denial of service by exhausting CPU and memory resources on the affected Kibana instance. This can cause the service to become unresponsive or crash, impacting availability. There is no impact on confidentiality or integrity. The attacker must be authenticated to exploit this vulnerability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or temporary mitigation is provided, users should restrict authenticated access to trusted users only and monitor for unusual resource consumption. Follow Elastic's official advisories for updates on patches or mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- elastic
- Date Reserved
- 2026-04-27T10:14:34.318Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a18aa29e29bf47b5027bd8e
Added to database: 5/28/2026, 8:48:41 PM
Last enriched: 5/28/2026, 9:20:44 PM
Last updated: 5/29/2026, 7:55:10 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.